Cross-posting from https://unix.stackexchange.com/questions/481963, this seems to be the better place to ask.
---
Just updated Debian from "stable" 9.* to "testing" 10.*.
Have nginx 1.14 - used to come from "stable backports" now included in Debian itself.
Seeing a strange issue with TLS versions in nginx.
TLS 1.3 is enabled, and 1.2 is too, but I can't seem to get TLS 1.0 / 1.1 even though they're included in nginx configs.
https://www.htbridge.com/ssl/?id=QgSrZIuN
Oh, and by the way, Dovecot running on the same system still has TLS 1.0 - 1.1 - 1.2 - 1.3 all functional:
https://www.htbridge.com/ssl/?id=cSArIbQQ
Relevant bits from the nginx site config:

```nginx
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers kECDHE+CHACHA20:kECDHE+AESGCM:kDHE+AESGCM:kECDHE+AES+SHA:kDHE+AES+SHA:!AESCCM:!aNULL:!eNULL;
ssl_prefer_server_ciphers on;
```
I tried removing either ssl_protocols or ssl_ciphers or both, nothing changed really.
Is this an intentional change in nginx - upstream or as packaged by Debian? A change in openssl itself?
Any way I can enable all TLS versions from 1.0 and up to 1.3 in nginx at the same time?
---
Found this in Debian news, basically they've disabled TLS 1.0 / 1.1 - apps have to ask for these versions specifically:
https://packages.qa.debian.org/o/openssl/news/20170824T211015Z.html
* Instead of completely disabling TLS 1.0 and 1.1, just set the minimum
version to TLS 1.2 by default. TLS 1.0 and 1.1 can be enabled again by
calling SSL_CTX_set_min_proto_version() or SSL_set_min_proto_version().
Is there some way nginx could accommodate this change and make it possible to enable TLS 1.0 / 1.1?
Maybe consider adding a new config directive like the one used by Dovecot?
https://github.com/dovecot/core/blob/master/doc/example-config/conf.d/10-ssl.conf#L55
It would still allow someone to only use TLS 1.2 and newer, or "TLS 1.0 and newer" or "TLS 1.1 and newer" without getting overly verbose.
It would also work identically with both OpenSSL variations, with and without TLS 1.3 support.
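To make the min/max-directive idea concrete, here is an added example (not code from nginx, Dovecot or the poster) that maps an nginx-style `ssl_protocols` list onto a minimum and maximum protocol version and applies it through Python's `ssl` module, which calls the same `SSL_CTX_set_min_proto_version()` / `SSL_CTX_set_max_proto_version()` pair named in the Debian changelog. The function names and the rejection of non-contiguous lists are my own choices; reading back `minimum_version` after setting it is also a handy check that the linked OpenSSL really accepted the requested floor rather than silently keeping Debian's TLS 1.2 default.

```python
import ssl

# nginx ssl_protocols tokens in protocol order, mapped to ssl.TLSVersion values.
NGINX_TOKEN_TO_VERSION = {
    "TLSv1": ssl.TLSVersion.TLSv1,
    "TLSv1.1": ssl.TLSVersion.TLSv1_1,
    "TLSv1.2": ssl.TLSVersion.TLSv1_2,
    "TLSv1.3": ssl.TLSVersion.TLSv1_3,
}


def protocols_to_range(ssl_protocols):
    """Translate an nginx-style ssl_protocols value into (minimum, maximum).

    OpenSSL only exposes a min/max window, so a non-contiguous list such as
    "TLSv1 TLSv1.2" cannot be honoured and is rejected with ValueError rather
    than silently widened to include TLSv1.1.
    """
    tokens = ssl_protocols.replace(";", "").split()
    if not tokens:
        raise ValueError("empty ssl_protocols")
    ordered = list(NGINX_TOKEN_TO_VERSION.values())
    positions = set()
    for token in tokens:
        if token not in NGINX_TOKEN_TO_VERSION:
            raise ValueError(f"unknown protocol token {token!r}")
        positions.add(ordered.index(NGINX_TOKEN_TO_VERSION[token]))
    idx = sorted(positions)
    if idx != list(range(idx[0], idx[-1] + 1)):
        raise ValueError("ssl_protocols is not a contiguous version range")
    return ordered[idx[0]], ordered[idx[-1]]


def build_server_context(ssl_protocols):
    """Create a server SSLContext whose protocol window matches ssl_protocols.

    Setting minimum_version/maximum_version explicitly overrides whatever
    floor the distribution's OpenSSL build or openssl.cnf applies by default.
    """
    low, high = protocols_to_range(ssl_protocols)
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = low
    ctx.maximum_version = high
    return ctx


def effective_range(ctx):
    """Read back what OpenSSL actually holds for this context."""
    return ctx.minimum_version, ctx.maximum_version


if __name__ == "__main__":
    # Constructed sample values for a quick local run; no network involved.
    for setting in ("TLSv1.2 TLSv1.3;", "TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;", "TLSv1 TLSv1.2;"):
        try:
            low, high = protocols_to_range(setting)
            print(f"{setting:<36} -> min={low.name} max={high.name}")
        except ValueError as exc:
            print(f"{setting:<36} -> rejected: {exc}")
    print("applied:", effective_range(build_server_context("TLSv1.2 TLSv1.3;")))
```

Run stand-alone it prints the parsed window for each constructed setting and the window actually held by a freshly built context. The read-back matters in the situation described above: an nginx that is built against an OpenSSL defaulting to TLS 1.2 but never calls the min-version setter will keep that floor no matter what `ssl_protocols` says, which is exactly the symptom the reports show.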